From 297672ec48847ae119335d799178e72b00743c2c Mon Sep 17 00:00:00 2001 From: alejandro-campos <alejandro.campos@artica.es> Date: Tue, 31 Mar 2020 15:12:39 +0200 Subject: [PATCH 1/2] fix password checkings when pass policy is enabled --- .../godmode/users/configure_user.php | 33 +++---------------- 1 file changed, 5 insertions(+), 28 deletions(-) diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index c026015cc7..12d16ac309 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -265,34 +265,11 @@ if ($create_user) { $password_confirm = ''; $new_user = true; } else { - if ($config['enable_pass_policy']) { - $have_number = true; - $have_simbols = true; - if ($config['pass_needs_numbers']) { - $nums = preg_match('/([[:alpha:]])*(\d)+(\w)*/', $password_confirm); - if ($nums == 0) { - ui_print_error_message(__('Password must contain numbers')); - $user_info = $values; - $password_new = ''; - $password_confirm = ''; - $new_user = true; - $have_number = false; - } - } - - if ($config['pass_needs_symbols']) { - $symbols = preg_match('/(\w)*(\W)+(\w)*/', $password_confirm); - if ($symbols == 0) { - ui_print_error_message(__('Password must contain symbols')); - $user_info = $values; - $password_new = ''; - $password_confirm = ''; - $new_user = true; - $have_simbols = false; - } - } - - if ($have_number && $have_simbols) { + if ((!is_user_admin($config['id_user']) || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) { + $pass_ok = login_validate_pass($password_new, $id, true); + if ($pass_ok != 1) { + ui_print_error_message($pass_ok); + } else { $result = create_user($id, $password_new, $values); } } else { From 706738d801c7a46c4e986eadc928faebb6685036 Mon Sep 17 00:00:00 2001 From: alejandro-campos <alejandro.campos@artica.es> Date: Tue, 19 May 2020 15:58:41 +0200 Subject: [PATCH 2/2] fixed password length check in user update for admin user --- pandora_console/godmode/users/configure_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index 12d16ac309..4e602d5125 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -390,7 +390,7 @@ if ($update_user) { $password_confirm = (string) get_parameter('password_confirm', ''); if ($password_new != '') { if ($password_confirm == $password_new) { - if ((!$values['is_admin'] || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) { + if ((!is_user_admin($config['id_user']) || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) { $pass_ok = login_validate_pass($password_new, $id, true); if ($pass_ok != 1) { ui_print_error_message($pass_ok);